questions mailing quarantined files

Sean Embry sean at NISD.NET
Fri Jul 29 21:40:21 IST 2005 

    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Hi,
 
This is my set up:
 
Mail enters and leaves via the Mail Scanner box. The Mail Scanner is the
MX for my domain, and my internal systems use the MailScanner box as
their smart host. The internal boxes are protected by an ACL that only
allowes the MailScanner box to connect to them, restricted by an ACL.
 
The problem:
 
Someone receives a file on the MailScanner. The file gets quarantined for
whatever reason.
I want to be able to email that file in regardless of the quarantine, but
I only want someone with root privs to be able to do that.
EG: someone uses
formail -s procmail -d [username]@my.internal.box.net < message
 
(I'm doing that with an eye to setting up a web page where the user can
retreive the file.)
 
We used to be able to do this on the 4.12-2 box, but on our new 4.43.8-1
box this no longer works.
It gets bounced just as if it were sent from the internet, whereas the
old box was quite happy to allow it.
 
Also, I've noticed on the old box, the headers for the internal forwards
look thus:
 
Return-path: <abuse at orb.nisd.net>
Received: from orb.nisd.net
 (orb.northside.isd.tenet.edu [165.111.2.14])
 by thor.nisd.net; Wed, 06 Jul 2005 13:42:07 -0500
Received: (from abuse at localhost)
 by orb.nisd.net (8.11.6/8.11.6) id j66IdMI10273
 for abuse at thor.northside.isd.tenet.edu; Wed, 6 Jul 2005 13:39:22 -0500
Received: from xxx.xxx.edu (xxx.xxxx.edu [xxx.xxx.xxx.xxx])
 by orb.nisd.net (8.11.6/8.11.6) with ESMTP id j66IdKm10259
 for <abuse at nisd.net>; Wed, 6 Jul 2005 13:39:20 -0500
 
Our new headers appear thus:
 
Return-path: <abuse at nisd.net>
Received: from neworb.nisd.net
 (neworb.northside.isd.tenet.edu [165.111.2.20])
 by thor.nisd.net; Fri, 29 Jul 2005 12:35:15 -0500
Received: from neworb.nisd.net (neworb.nisd.net [127.0.0.1])
 by neworb.nisd.net (8.13.1/8.13.1) with ESMTP id j6THZ2aH013183
 for <abuse at thor.northside.isd.tenet.edu>; Fri, 29 Jul 2005 12:35:07
-0500
Received: (from abuse at localhost)
 by neworb.nisd.net (8.13.1/8.13.1/Submit) id j6THZ2PT013182
 for abuse at thor.northside.isd.tenet.edu; Fri, 29 Jul 2005 12:35:02 -0500
Received: from xxxxx.com (xxxxx.xxxxx.xxxxxx.com [xxx.xxx.xxx.xxx])
 by neworb.nisd.net (8.13.1/8.13.1) with ESMTP id j6THYooL013160
 for <abuse at nisd.net>; Fri, 29 Jul 2005 12:34:56 -0500
 
This looks like the system is scanning the local mail too now, so each
email is getting scanned twice. If that's the case, what should I do
about that?
Just to be clear, the only users that will ever be local on this box are
system admins.
 
 
And a last word:
Happy Sys Admin day, and especially Julian for all the hard work. Thanks
Julian! ($BEVERAGE of your choice awaits you when first we meet)
 

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/)
and the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list